//package com.kunbo.config;
//
//import com.kunbo.util.CommunityConstant;
//import com.kunbo.util.JSON;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.access.AccessDeniedException;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.builders.WebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.core.AuthenticationException;
//import org.springframework.security.web.AuthenticationEntryPoint;
//import org.springframework.security.web.access.AccessDeniedHandler;
//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import java.io.IOException;
//import java.io.PrintWriter;
//
//@Configuration
//public class SecurityConfig extends WebSecurityConfigurerAdapter implements CommunityConstant {
//
//    @Override
//    public void configure(WebSecurity web) throws Exception {
//        //忽略静态资源的访问
//        web.ignoring().antMatchers("/resources/**");
//    }
//
//    //授权逻辑
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
////        //super.configure(http);//盖掉父类就会跳过登录页面
////        http.formLogin()//登录表单的配置
////                .loginPage("/login")
////                .loginProcessingUrl("/login")
////                .successHandler(new AuthenticationSuccessHandler() {//处理成功时的逻辑
////                    @Override
////                    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
////                        response.sendRedirect(request.getContextPath() + "/index");
////                    }
////                }).failureHandler(new AuthenticationFailureHandler() {
////            @Override
////            public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException {
////                request.setAttribute("error", e.getMessage());
////                request.getRequestDispatcher("/login").forward(request, response);
////            }
////        });
////
////        //默认会拦截/logout请求，进行退出相关配置
////        //覆盖默认逻辑
////        http.logout()
////                .logoutUrl("/securitylogout")
////                .logoutSuccessHandler(new LogoutSuccessHandler() {
////                    @Override
////                    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
////                        response.sendRedirect(request.getContextPath() + "/index");
////                    }
////                });
//
//        //授权配置
//        http.authorizeRequests()
//                .antMatchers(
//                        "/welcome"
//                ).hasAnyAuthority(
//                AUTHORITY_GOD,
//                AUTHORITY_ADMIN,
//                AUTHORITY_USER
//        ).anyRequest().permitAll();
//        //没有权限的时候访问那个
//        http.exceptionHandling()
//                .authenticationEntryPoint(new AuthenticationEntryPoint() {
//                    //没有登录
//                    @Override
//                    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException {
//                        String xRequestedWith = request.getHeader("x-requested-with");
//                        if ("XMLHttpRequest".equals(xRequestedWith)) {
//                            response.setContentType("application/plain;charset=utf-8");
//                            PrintWriter writer = response.getWriter();
//                            writer.write(JSON.getJSONString("403", "你还没有登录"));
//                        } else {
//                            response.sendRedirect(request.getContextPath() + "/login");
//                        }
//                    }
//                })
//                //权限不足时的处理
//                .accessDeniedHandler(new AccessDeniedHandler() {
//                    @Override
//                    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) throws IOException, ServletException {
//                        String xRequestedWith = request.getHeader("x-requested-with");
//                        if ("XMLHttpRequest".equals(xRequestedWith)) {
//                            response.setContentType("application/plain;charset=utf-8");
//                            PrintWriter writer = response.getWriter();
//                            writer.write(JSON.getJSONString("403", "你没有访问权限"));
//                        } else {
//                            response.sendRedirect(request.getContextPath() + "/denied");
//                        }
//                    }
//                });
//    }
//}
